Detections
Analytics
TYPSoft FTP Server <= 1.10 Multiple DoS
medium Nessus Plugin ID 20012
Language:
Synopsis
The remote FTP server is affected by multiple denial of service vulnerabilities.Description
The remote host appears to be using TYPSoft FTP Server, a small FTP server for Windows.According to its banner, the version of TYPSoft FTP Server installed on the remote host is 1.10 or earlier. Such versions suffer from several denial of service vulnerabilities.
A remote attacker, possibly using anonymous access, can cause the server to stop responding by sending it an 'ABOR' command without any active file transfer in progress or can crash it by sending any one of a number of specially crafted FTP commands.
Solution
Remove the affected service or use another product as TYPSoft is no longer supported.See Also
https://seclists.org/fulldisclosure/2005/Oct/351
https://www.securityfocus.com/archive/1/508048/30/0/threaded
Plugin Details
Severity: Medium
ID: 20012
File Name: typsoftftp_retr0_dos.nasl
Version: 1.28
Type: remote
Family: FTP
Published: 10/14/2005
Updated: 11/15/2018
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.1
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 4.1
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Vulnerability Information
Required KB Items: ftp/typsoftftp
Exploit Available: true
Exploit Ease: Exploits are available
Vulnerability Publication Date: 10/13/2005
Exploitable With
Core Impact
Reference Information
CVE: CVE-2005-3294, CVE-2009-1668, CVE-2009-4105, CVE-2012-5329
BID: 15104, 34901, 37114, 40181, 51891, 52554
CWE: 20